200 Percent Increase in Phishing Incidents During the First Quarter of 2008
APACS, the UK payments association, has published figures showing a 200 percent increase in the number of phishing attacks in the UK. During the period January to March 2008 there were 10,000 reported incidents a new record.
Phishing is the name given to false emails that claim to be from banks and other financial institutions but are actually sent to you by fraudsters. These emails typically tell you to click on a link that takes you to a fake website identical to what you would expect to see. You are usually then asked to verify or update your personal security information but, by doing so, you are actually giving your information to the fraudster who has created the fake website. The fraudster then uses the details to access your real online bank account and take your money.
Number of reported phishing incidents* targeted against UK banks and building societies Q1 2006 – Q1 2008
|
Q1 |
Q2 |
Q3 |
Q4 |
Total |
|
|
2006 |
2,369 |
2,738 |
3,967 |
5,102 |
14,156 |
|
2007 |
3,394 |
3,830 |
8,931 |
9,642 |
25,797 |
|
2008 |
10,235 |
- |
- |
- |
- |
A typical phishing incident, involves thousands or even million’s of emails are sent out blindly by fraudsters, in the hope of trying to con unsuspecting people into clicking on a link that will send them to a fake website. The criminals’ objective is to fool people into thinking it is a genuine site so they will enter their online banking security information.
Sandra Quinn, director of communications at APACS, says:
“Although online banking fraud losses fell last year the fraudsters clearly aren’t giving up. Phishing scams are continuing to rise and they are becoming ever more sophisticated, which is why we want to remind people to remain wise to them. The advice is quite simple: just remember that your bank will never send you emails asking you to disclose PIN numbers, login details or complete passwords – if you receive an email of this nature you should delete it. If you think your details have been compromised you should contact your bank immediately.”
APACS research shows that although the number of people either deleting or taking no action when receiving a phishing email has increased from 75% in 2006 to 82% last year, there are still nearly one in five people who don’t follow these common sense precautions. Also, although 93% of people have anti-virus software on their PC, almost one in three people (29%) don’t have any anti-spyware software on their computer.
To avoid phishing scams, we advise you:
- Always be suspicious of unsolicited emails that claim to be from your bank; delete any phishing emails that you receive your bank will never send an email asking for sensitive account information.
- Never give your login details, PINs or passwords in full by email – banks will never request these in this way as email is not secure way to transmit account data online.
- Always access your internet bank account by typing your bank’s web address directly into the address bar on your web browser;
- Ensure that there is a locked padlock or unbroken key in the bottom right of your browser window when accessing your bank’s website. The beginning of the bank’s internet address will also change from ‘http’ to ‘https’ when a secure connection is made.
- Make sure PCs you use for any online transactions are equipped with up-to-date security and virus protection.
- Take extra care when using an internet cafe or public computer for online banking if possible avoid using a public network when making financial transactions online.
- Phishing emails can be reported directly to most banks via their website or to APACS at reports@banksafeonline.org.uk.
Comments
Got something to say?